I don't understand following code :
# untaint $userName (can finish with one or two $)
if ($userName =~ /^([\w -.]+\$?)$/) {
$userName = $1;
} else {
print "$0: illegal username\n";
exit (1);
}
The comment say "(can finish with one or two $)" but the regexp will only match one, and I don't understand what does "untaint" mean.
And what is the goal of "$userName = $1" ? $1 will always have the content that $userName already had, except maybe "\n" at the end that would be dropped.